Our client is a well-established cybersecurity consulting and managed security services provider that helps organizations strengthen their security posture through advanced offensive security assessments, penetration testing, red teaming, and security advisory services. Due to continued business growth, they are seeking an experienced Penetration Tester to join their expanding cybersecurity team in Kuala Lumpur.
About the Role

As a Senior Penetration Tester, you will lead and execute a wide range of offensive security engagements across enterprise environments, applications, cloud infrastructure, and mobile platforms. You will work closely with clients to identify vulnerabilities, assess risks, and provide actionable recommendations to improve their security posture.
This role is ideal for a cybersecurity professional who enjoys hands-on technical work, client engagement, and mentoring junior consultants while contributing to complex security assessment projects.
Key Responsibilities

- Plan, scope, and execute penetration testing engagements across:
  - Network infrastructure
  - Web applications
  - Mobile applications
  - Cloud environments
- Conduct advanced offensive security assessments and red team exercises to simulate real-world attack scenarios.
- Identify, validate, and exploit vulnerabilities while assessing their potential business impact.
- Prepare detailed technical reports and executive summaries outlining findings and remediation recommendations.
- Present findings and recommendations to both technical and non-technical stakeholders.
- Provide security consulting and advisory services to clients on risk mitigation and security improvements.
- Review and quality assure deliverables produced by junior team members.
- Mentor and coach junior consultants on testing methodologies, reporting, and offensive security techniques.
- Stay current with emerging threats, attack techniques, and industry best practices.
- Minimum 3 years of hands-on experience in:
  - Penetration Testing
  - Offensive Security Assessments
  - Web Application Security Testing
  - Mobile Application Security Testing
  - Red Team Exercises
- Strong understanding of:
  - OWASP Top 10
  - MITRE ATT&CK Framework
  - Network Security
  - Cloud Security Concepts
  - Vulnerability Assessment Methodologies
- Experience using industry-standard security testing tools such as Burp Suite, Metasploit, Nmap, Nessus, Kali Linux, and related platforms.
- Strong report-writing and client-facing communication skills.
- Ability to translate complex technical findings into business risk language.
- Industry certifications such as:
  - OSCP
  - CREST CRT/CCT
  - OSEP
  - OSWE
  - GPEN
  - Equivalent offensive security certifications
- Experience within a cybersecurity consulting, MSSP, or professional services environment.
- Previous experience leading projects or mentoring junior consultants.
...